def update(self, request, *args, **kwargs):
"""
used for updating permissions/role of user in matter
"""
data = request.DATA.copy()
username = data.get('username')
role = data.get('role', None)
permissions = data.get('permissions')
try:
participant = User.objects.get(username=username)
except User.DoesNotExist:
return Response({'details': 'User does not exist (username=%s)' % username})
perms = participant.matter_permissions(matter=self.matter)
if perms.pk is None:
# user is not a participant of this matter yet
raise Http404
if role is not None:
perms.role = ROLES.get_value_by_name(role)
perms.update_permissions(**permissions)
perms.save()
return Response(LiteUserSerializer(participant, context={'request': self.request,
'matter': self.matter}).data,
status=http_status.HTTP_202_ACCEPTED)
def can_edit(self, user):
role = self.request.DATA.get('role')
if not role:
return False
# manage_participants overrides manage_clients
if user.matter_permissions(matter=self.matter).has_permission(manage_participants=True) is True:
return True
elif ROLES.get_value_by_name(role.lower()) == ROLES.client:
return user.matter_permissions(matter=self.matter).has_permission(manage_clients=True) is True
def transform_role(self, role):
"""
Transform the role taking into account the fake co-owner->owner relationship
"""
return ROLES.get_value_by_name('owner') if role == 'co-owner' else ROLES.get_value_by_name(role)
